Tech
Pulling the plug: A way to halt a cyber attacker in your network? | Computer Weekly
There’s a cyber attack under way. An intruder is inside your network: moving freely, collecting data, and setting up a command-and-control (C&C) node for future communication. Except this time, you’re watching them – you can see what they’re doing. The dilemma remains: what do you do? Allow them to continue traversing the network while you operate, wait for forensic specialists to arrive or find a way to stop them?
Earlier this year, a BBC news report on the Co-op incident claimed that the IT team at the UK retailer “made the decision to take computer services offline, preventing the criminals from continuing their hack”.
The criminals sent a message to the BBC, stating: “Co-op’s network never ever suffered ransomware. They yanked their own plug – tanking sales, burning logistics and torching shareholder value.”
In its statement, Co-op said it “took early and decisive action to protect our Co-op, including restricting access to some systems”, which helped to contain the issue, prevent further data being accessed and protect the wider organisation.
When questioned at the Business and Trade Sub-Committee in July, Co-op representatives did not use the phrase “pulling the plug” directly. But Rob Elsey, group chief digital information officer at Co-op, said VPN and remote access were restricted “as a way of ensuring that we were able to keep the criminals out of our systems”.
Elsey explained that software within its network was “effectively trying to communicate with a threat actor’s website”, and after identifying the source, the team took the proactive measure of pausing all communication within that zone.
This, he stressed, was not “pulling the plug”. Co-op’s systems “are heavily segregated, which means this was very much focused on one specific zone”. He told the committee: “Throughout this, all our online business continued to operate normally, and our retail stores and payments are segmented, so they were not part of this attack.”
Which plug do you pull?
Whether Co-op truly pulled the plug is open to interpretation. But in the wake of recent rulings on ransomware payments, the option to take immediate action may lead to more pragmatic decisions.
Ev Kontsevoy, CEO of Teleport, says that while pulling the plug might be an effective short-term tactic, “it’s a sledgehammer approach, not a strategy”, adding: “Taking systems offline might stop lateral movement or data exfiltration in the moment, but it doesn’t solve the root problem: how attackers got in, how long they were there and what they accessed. It also causes unnecessary business disruption, which is one of the more tangible impacts of cyber attacks these days. We should not be encouraging even more disruption by taking systems offline.”
Tim Rawlins, director and senior adviser at NCC Group, tells Computer Weekly that it is not as straightforward as simply “pulling a plug”. The critical question, he says, is which plug – one connected to the outside world, or one on the internal network?
“When people talk about pulling out the plug, we don’t want them to turn off systems completely, because then we lose all the volatile forensic evidence – the data in memory. If you pull the plug in the classic ‘turn it off, turn it back on again’ sense, that’s what we lose,” he says.
Instead, Rawlins advises proper network segmentation: “You’re trying to make it harder to get from this segment to that segment. It’s either entirely physically separated, or it’s got firewalls with additional role-based access control.”
Segmenting a network, he adds, is best practice regardless. In the event of an attack, it makes lateral movement more difficult. “If you can pull the network plug, not the power plug, then you can reduce the chances of it spreading off one host onto multiple hosts – and really that is where ‘pulling the plug’ comes in,” Rawlins says.
“There is an element of shutting down things you believe haven’t been compromised. If you can see the route they came in, you can get ahead of that and stop access to it. But you need to make sure it fails gracefully. If you just turn a system off – literally pull the plug – a lot of systems will crash.
“You can instead shut them down so they are dormant and not available to be attacked – that’s what a lot of organisations will do. The shorthand is to pull the plug; the longhand is that you’ve got to think about it a bit more carefully.”
Context matters
The issue is not simply whether to pull the plug, but what the situation demands. In a LinkedIn poll this reporter ran on this subject, 55% of respondents said pulling the plug was the best way to stop an attack in its tracks. However, comments on the poll made it clear that it’s not so binary. One respondent said it was “drastic, last resort stuff”. Others stressed the need to consider “architecture, segmentation, critical servers, type of incident and many more data points” before acting.
Tim Anderson, chief customer officer for the UK at CyberCX, explains that while taking servers offline is a common and often effective step, it is not straightforward and can introduce new risks.
“It’s important to target the right systems,” he says. “Given how interconnected modern computer systems are – both internally and to the internet – switching everything off can be complex, time-consuming and disruptive.
“Where possible, our digital forensics and incident responders prefer ‘surgical’ network isolations of specific systems or portions of the network. This effectively disconnects the impacted systems from the internet, rather than pulling the power. It can contain the attack and allow investigators crucial time to understand the scale and impact.”
Pulling the plug, he acknowledges, can sometimes be effective, but it’s not preferred. It can be highly disruptive, and sophisticated attackers often deploy methods of regaining access once systems come back online.
Admission of failure?
Another angle is perception. If you do pull the plug, are you effectively admitting failure? Rafal Los, podcast host and head of services GTM at ExtraHop, suggests yes. “That’s one of the few things I’d fire a CISO for – you’re having a security issue and you have to shut down business? You’re fired,” he says.
Los cites the 2003 SQL Slammer worm as an example of when networks collapsed entirely, leaving shutdown as the only option. But a mere 18 months later, he says, better practices allowed for more surgical interventions, like shutting down specific network segments or ports.
“In 2025, this cannot be a working strategy,” Los argues. “If the answer is ‘shut it all down’, then you’ve got what you perceive to be an uncontrollable bleed in one of your fingers, and your answer is to lop it off.”
He points out that micro-segmentation and zero trust have been discussed for years. If the playbook still ends with pulling the power cable, that signals you’ve lost visibility and control. “At that point, that is every cyber security expert’s absolute worst nightmare,” he says. “I can’t imagine giving the advice to somebody to just shut it down. That sounds, dare I say it, just irresponsible.”
The precedent
Despite these warnings, there are high-profile examples of shutdowns. According to Newsweek, a 2012 cyber attack on Saudi Aramco saw the Shamoon virus delete hard drives, forcing the company to destroy more than 30,000 computers.
Similarly, the 2021 attack on Colonial Pipeline led to several systems being taken offline to contain the breach. That move temporarily halted pipeline operations and disrupted multiple IT systems.
Los acknowledges there are extreme cases where shutting down everything is the only option. But, he said, if that’s the only solution on the table, it reflects being “wholly unprepared as an organisation”.
Rawlins agreed that cutting internet access mid-attack can sometimes make sense, as it deprives attackers of their command-and-control node. But the wider consequences – what else depends on that connectivity – must be weighed.
Final thoughts
Fictional depictions of cyber security often portray pulling the plug as the dramatic solution. But in reality, it’s rarely the final or best option. More often, it reflects poor network architecture or insufficient segmentation.
The true solution lies in preparedness: segmentation, playbooks and rehearsed incident response plans. In cyber security, switching it off and on again may work for some problems – but when it comes to an active attack, it’s rarely the best option.
The role of digital technologies, such as IoT, 3D printing, and digital platforms, holds significant potential for supporting a circular economy. However, digital technologies are not a magic fix that can instantly change how physical resources are used and produced to prevent waste and promote a circular economy.
In her doctoral thesis, Ida Eyi Heathcote-Fumador explores digitally mediated circular practices within ecosystems to understand the human–material interactions involved in enabling a digitally mediated circular economy. Heathcote-Fumador will defend the thesis on November 5.
Circular economy focuses on managing the use and creation of physical resources, products, residual materials, and by-products to prevent them from ending up in landfills as waste, while ensuring that organic materials safely return to the environment.
What challenges do you focus on in your research?
Material resources and their sustainable management are central to the circular economy, while digital technologies are often seen as more intangible, flexible, and having multiple functions. When examining the role of digital technologies, we often overlook the material characteristics that shape these technologies, as well as the human activities involved in ensuring that technological and material configurations align with the principles of sustainable material management.
How do you address the problem?
I studied two ecosystems, or groups of organizations working together: one in Ghana, Africa, and the other in Europe, specifically Sweden and Portugal. Both focused on using digital technologies to support the sustainable recovery of waste from the environment.
Through interviews, observations, and document analysis, I examined how physical materials, digital technologies, and human activities influence each other to create digitally mediated circular practices. I used a human-material tuning approach to understand the mutual roles of materials, digital technologies, and human actions in establishing circular practices.
What are the main findings?
I developed a model showing that the circular principles of resource care are central to activities leading to the emergence of digitally mediated circular practices. Human actions involve the collective imagination of sustainable futures for production and consumption, the prospecting of suitable materials and digital technologies, and their shaping to realize these visions. This shaping process, referred to as tuning—a term first introduced by Andrew Pickering (1993)—is akin to adjusting a radio to obtain a preferred signal.
For instance, the organizations I studied shared a strong commitment to reducing environmental waste by converting it into new products with the help of digital technologies. They identified discarded materials such as fishing nets and selected technologies like 3D printing to transform these wastes into new products.
However, because 3D printers are typically optimized for virgin materials, the process requires extensive experimentation to adapt the technology to recycled inputs. This perseverance, driven by care for both the material and the environment, enabled the successful realization of digitally mediated circular practices.
What do you hope your research will lead to?
My research aims to encourage both scholars and practitioners to consider the material and human activities of the circular economy when examining how digital technologies enable it. Circularity is based on specific principles, with materials at its center. Recognizing and documenting their influence can enhance our overall understanding of how material, digital, and human components interconnect, shaping digitally mediated circular practices. This comprehensive recognition will result in solutions that effectively promote a circular economy.
More information:
Digitally Mediated Circular Economy Practices in Ecosystems : A Human-Material Tuning Practice Perspective. research.chalmers.se/en/publication/548860
Citation:
How digital technologies can support a circular economy (2025, October 28)
retrieved 28 October 2025
from https://techxplore.com/news/2025-10-digital-technologies-circular-economy.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
Data from ChatGPT-maker OpenAI suggest that more than a million of the people using its generative AI chatbot have shown interest in suicide.
In a blog post published on Monday, the AI company estimated that approximately 0.15% of users have “conversations that include explicit indicators of potential suicidal planning or intent.”
With OpenAI reporting more than 800 million people use ChatGPT every week, this translates to about 1.2 million people.
The company also estimates that approximately 0.07% of active weekly users show possible signs of mental health emergencies related to psychosis or mania—meaning slightly fewer than 600,000 people.
The issue came to the fore after California teenager Adam Raine died by suicide earlier this year. His parents filed a lawsuit claiming ChatGPT provided him with specific advice on how to kill himself.
OpenAI has since increased parental controls for ChatGPT and introduced other guardrails, including expanded access to crisis hotlines, automatic rerouting of sensitive conversations to safer models, and gentle reminders for users to take breaks during extended sessions.
OpenAI said it has also updated its ChatGPT chatbot to better recognize and respond to users experiencing mental health emergencies, and is working with more than 170 mental health professionals to significantly reduce problematic responses.
© 2025 AFP
Citation:
OpenAI says a million ChatGPT users talk about suicide (2025, October 28)
retrieved 28 October 2025
from https://techxplore.com/news/2025-10-openai-million-chatgpt-users-suicide.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
Imagine a road cyclist or downhill skier whose clothing adapts to their wind speed, allowing them to shave time just by pulling or stretching the fabric.
Such cutting-edge textiles are within reach, thanks to researchers at the Harvard John A. Paulson School of Engineering and Applied Sciences (SEAS). Led by SEAS mechanical engineering graduate student David Farrell, a study published in Advanced Materials describes a new type of textile that uses dimpling to adjust its aerodynamic properties while worn on the body. The research has the potential to change not only high-speed sports, but also industries like aerospace, maritime, and civil engineering.
The research is a collaboration between the labs of Katia Bertoldi, the William and Ami Kuan Danoff Professor of Applied Mechanics, and Conor J. Walsh, the Paul A. Maeder Professor of Engineering and Applied Sciences.
On-demand golf ball dimples
Farrell, whose research interests lie at the intersection of fluid dynamics and artificially engineered materials, or metamaterials, led to the creation of a unique textile that forms dimples on its surface when stretched, even when tightly fitted around a person’s body. The fabrics utilize the same aerodynamic principles as a golf ball, whose dimpled surface causes a ball to fly farther by using turbulence to reduce drag. Because the fabric is soft and elastic, it can move and stretch to change the size and shape of the dimples on demand.
Adjusting dimple sizes can make the fabric perform better in certain wind speeds by reducing drag by up to 20%, according to the researchers’ experiments using a wind tunnel.
“By performing 3,000 simulations, we were able to explore thousands of dimpling patterns,” Farrell said. “We were able to tune how big the dimple is, as well as its form. When we put these patterns back in the wind tunnel, we find that certain patterns and dimples are optimized for specific wind-speed regions.”
Farrell and team used a laser cutter and heat press to create a dual-toned fabric made of a stiffer black woven material, similar to a backpack strap, and a gray, softer knit that’s flexible and comfortable. Using a two-step manufacturing process, they cut patterns into the woven fabric and sealed it together with the knit layer to form a textile composite. Experimenting with multiple flat samples patterned in lattices like squares and hexagons, they systematically explored how different tessellations affect the mechanical response of each textile material.
Lattice pattern
The textile composite’s on-demand dimpling is the result of a lattice pattern that Bertoldi and others have previously explored for its unusual properties. Stretch a traditional textile onto the body, and it will smooth out and tighten. “Our textile composite breaks that rule,” Farrell explained. “The unique lattice pattern allows the textile to expand around the arm rather than clamp down.
“We’re using this unique property that [Bertoldi] and others have explored for the last 10 years in metamaterials, and we’re putting it into wearables in a way that no one’s really seen before,” Farrell said.
More information:
David T. Farrell et al, Programmable Surface Dimpling of Textile Metamaterials for Aerodynamic Control, Advanced Materials (2025). DOI: 10.1002/adma.202505817
Citation:
Novel textile can adjust its aerodynamic properties on demand (2025, October 28)
retrieved 28 October 2025
from https://techxplore.com/news/2025-10-textile-adjust-aerodynamic-properties-demand.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no
part may be reproduced without the written permission. The content is provided for information purposes only.
Miami extends Bright deal, DP spot still open
Former OKC F Singler, 37, charged with assault
How digital technologies can support a circular economy
-
Fashion1 week agoChinese woman charged over gold theft at Paris Natural History Museum
-
Tech1 week agoThis Smart Warming Mug Is Marked Down by $60
-
Fashion1 week agoeBay UK seller fee removal sends revenue down but profits rise
-
Entertainment1 week agoJohn Grisham unveils his first-ever mystery, “The Widow”
-
Tech1 week agoEaster Island’s Moai Statues May Have Walked to Where They Now Stand
-
Tech1 week agoOpenAI has slipped shopping into ChatGPT users’ chats—here’s why that matters
-
Tech1 week agoAI model could boost robot intelligence via object recognition
-
Fashion1 week agoThe North Face and Cecilie Bahnsen launch second collaboration